From ef317077c9b877de6e3b601dc3a84d3cf27f6183 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 22 Apr 2022 09:23:41 +0000 Subject: [PATCH 1/6] Bump google-cloud-datastore from 2.3.1 to 2.4.0 Bumps [google-cloud-datastore](https://github.com/googleapis/java-datastore) from 2.3.1 to 2.4.0. - [Release notes](https://github.com/googleapis/java-datastore/releases) - [Changelog](https://github.com/googleapis/java-datastore/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/java-datastore/compare/v2.3.1...v2.4.0) --- updated-dependencies: - dependency-name: com.google.cloud:google-cloud-datastore dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- jetty-gcloud/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jetty-gcloud/pom.xml b/jetty-gcloud/pom.xml index 87822776eaf..1bf58b3c115 100644 --- a/jetty-gcloud/pom.xml +++ b/jetty-gcloud/pom.xml @@ -13,7 +13,7 @@ Jetty :: GCloud - 2.3.1 + 2.4.0 From 2749560ea16fce6a71223c47185b841a2fd204c1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 22 Apr 2022 09:26:18 +0000 Subject: [PATCH 2/6] Bump maven-antrun-plugin from 3.0.0 to 3.1.0 Bumps [maven-antrun-plugin](https://github.com/apache/maven-antrun-plugin) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/apache/maven-antrun-plugin/releases) - [Commits](https://github.com/apache/maven-antrun-plugin/compare/maven-antrun-plugin-3.0.0...maven-antrun-plugin-3.1.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-antrun-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 00a008c6eea..09020da78c7 100644 --- a/pom.xml +++ b/pom.xml @@ -137,7 +137,7 @@ 0.8.8 2.7 4.1 - 3.0.0 + 3.1.0 3.3.0 5.1.4 3.2.0 From efd9f26024e9d1e3ffd45c81fbba7a1c1e2f49c7 Mon Sep 17 00:00:00 2001 From: Greg Wilkins Date: Mon, 25 Apr 2022 08:30:31 +0200 Subject: [PATCH 3/6] Fix #7891 regex pathInfo (#7892) Fix 7891 regex pathInfo + Use the pathSpec methods to set servletPath and pathInfo when possible Signed-off-by: Greg Wilkins --- .../jetty/server/ServletPathMapping.java | 8 ++++- .../org/eclipse/jetty/server/RequestTest.java | 34 +++++++++++++++++++ .../jetty/servlet/RegexServletTest.java | 6 ++-- 3 files changed, 44 insertions(+), 4 deletions(-) diff --git a/jetty-server/src/main/java/org/eclipse/jetty/server/ServletPathMapping.java b/jetty-server/src/main/java/org/eclipse/jetty/server/ServletPathMapping.java index c03607f542e..3e4643069eb 100644 --- a/jetty-server/src/main/java/org/eclipse/jetty/server/ServletPathMapping.java +++ b/jetty-server/src/main/java/org/eclipse/jetty/server/ServletPathMapping.java @@ -90,9 +90,15 @@ public class ServletPathMapping implements HttpServletMapping throw new IllegalStateException(); } } + else if (pathSpec != null) + { + _mappingMatch = null; + _servletPath = pathSpec.getPathMatch(pathInContext); + _matchValue = _servletPath.startsWith("/") ? _servletPath.substring(1) : _servletPath; + _pathInfo = pathSpec.getPathInfo(pathInContext); + } else { - // TODO can we do better for RegexPathSpec _mappingMatch = null; _matchValue = ""; _servletPath = pathInContext; diff --git a/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java b/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java index 73269c2d738..99e3dca600f 100644 --- a/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java +++ b/jetty-server/src/test/java/org/eclipse/jetty/server/RequestTest.java @@ -62,6 +62,7 @@ import org.eclipse.jetty.http.HttpVersion; import org.eclipse.jetty.http.MetaData; import org.eclipse.jetty.http.MimeTypes; import org.eclipse.jetty.http.UriCompliance; +import org.eclipse.jetty.http.pathmap.RegexPathSpec; import org.eclipse.jetty.http.pathmap.ServletPathSpec; import org.eclipse.jetty.io.Connection; import org.eclipse.jetty.io.EndPoint; @@ -2043,6 +2044,39 @@ public class RequestTest assertThat(m.getPathInfo(), is(spec.getPathInfo(uri))); } + @Test + public void testRegexPathMapping() + { + RegexPathSpec spec; + ServletPathMapping m; + + spec = new RegexPathSpec("^/.*$"); + m = new ServletPathMapping(spec, "Something", "/some/path"); + assertThat(m.getMappingMatch(), nullValue()); + assertThat(m.getPattern(), is(spec.getDeclaration())); + assertThat(m.getServletName(), is("Something")); + assertThat(m.getServletPath(), is("/some/path")); + assertThat(m.getPathInfo(), nullValue()); + assertThat(m.getMatchValue(), is("some/path")); + + spec = new RegexPathSpec("^/some(/.*)?$"); + m = new ServletPathMapping(spec, "Something", "/some/path"); + assertThat(m.getMappingMatch(), nullValue()); + assertThat(m.getPattern(), is(spec.getDeclaration())); + assertThat(m.getServletName(), is("Something")); + assertThat(m.getServletPath(), is("/some")); + assertThat(m.getPathInfo(), is("/path")); + assertThat(m.getMatchValue(), is("some")); + + m = new ServletPathMapping(spec, "Something", "/some"); + assertThat(m.getMappingMatch(), nullValue()); + assertThat(m.getPattern(), is(spec.getDeclaration())); + assertThat(m.getServletName(), is("Something")); + assertThat(m.getServletPath(), is("/some")); + assertThat(m.getPathInfo(), nullValue()); + assertThat(m.getMatchValue(), is("some")); + } + private static long getFileCount(Path path) { try (Stream s = Files.list(path)) diff --git a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/RegexServletTest.java b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/RegexServletTest.java index 1940308cbc3..d4e67f13c35 100644 --- a/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/RegexServletTest.java +++ b/jetty-servlet/src/test/java/org/eclipse/jetty/servlet/RegexServletTest.java @@ -79,7 +79,7 @@ public class RegexServletTest assertThat(response, containsString("servletPath='/test/info'")); assertThat(response, containsString("pathInfo='null'")); assertThat(response, containsString("mapping.mappingMatch='null'")); - assertThat(response, containsString("mapping.matchValue=''")); + assertThat(response, containsString("mapping.matchValue='test/info'")); assertThat(response, containsString("mapping.pattern='^/test/.*$'")); } @@ -96,7 +96,7 @@ public class RegexServletTest assertThat(response, containsString("servletPath='/Test/info'")); assertThat(response, containsString("pathInfo='null'")); assertThat(response, containsString("mapping.mappingMatch='null'")); - assertThat(response, containsString("mapping.matchValue=''")); + assertThat(response, containsString("mapping.matchValue='Test/info'")); assertThat(response, containsString("mapping.pattern='^/[Tt]est(/.*)?'")); } @@ -113,7 +113,7 @@ public class RegexServletTest assertThat(response, containsString("servletPath='/include'")); assertThat(response, containsString("pathInfo='null'")); assertThat(response, containsString("mapping.mappingMatch='null'")); - assertThat(response, containsString("mapping.matchValue=''")); + assertThat(response, containsString("mapping.matchValue='include'")); assertThat(response, containsString("mapping.pattern='^/include$'")); } From e12d5d58b6cf4ed8243dd903c0867001d327493c Mon Sep 17 00:00:00 2001 From: Greg Wilkins Date: Tue, 26 Apr 2022 19:04:17 +0200 Subject: [PATCH 4/6] Jetty 10 7918 root pathspec (#7920) Fix #7918 Root path spec Handle root pathspec in PathMappings.asPathSpec Introduce protected asPathSpec to allow for extensibility Signed-off-by: Greg Wilkins --- .../jetty/http/pathmap/PathMappings.java | 19 ++++------ .../jetty/http/pathmap/PathMappingsTest.java | 15 ++++++++ .../security/ConstraintSecurityHandler.java | 10 ++++- .../jetty/security/ConstraintTest.java | 38 +++++++++++++++++++ 4 files changed, 70 insertions(+), 12 deletions(-) diff --git a/jetty-http/src/main/java/org/eclipse/jetty/http/pathmap/PathMappings.java b/jetty-http/src/main/java/org/eclipse/jetty/http/pathmap/PathMappings.java index 1f1b3ecd867..ba02c8a0ae7 100644 --- a/jetty-http/src/main/java/org/eclipse/jetty/http/pathmap/PathMappings.java +++ b/jetty-http/src/main/java/org/eclipse/jetty/http/pathmap/PathMappings.java @@ -18,7 +18,6 @@ import java.util.ArrayList; import java.util.Comparator; import java.util.Iterator; import java.util.List; -import java.util.Optional; import java.util.Set; import java.util.TreeSet; import java.util.function.Predicate; @@ -199,23 +198,21 @@ public class PathMappings implements Iterable>, Dumpable public static PathSpec asPathSpec(String pathSpecString) { - if ((pathSpecString == null) || (pathSpecString.length() < 1)) - { + if (pathSpecString == null) throw new RuntimeException("Path Spec String must start with '^', '/', or '*.': got [" + pathSpecString + "]"); - } + + if (pathSpecString.length() == 0) + return new ServletPathSpec(""); + return pathSpecString.charAt(0) == '^' ? new RegexPathSpec(pathSpecString) : new ServletPathSpec(pathSpecString); } public E get(PathSpec spec) { - Optional optionalResource = _mappings.stream() + return _mappings.stream() .filter(mappedResource -> mappedResource.getPathSpec().equals(spec)) - .map(mappedResource -> mappedResource.getResource()) - .findFirst(); - if (!optionalResource.isPresent()) - return null; - - return optionalResource.get(); + .map(MappedResource::getResource) + .findFirst().orElse(null); } public boolean put(String pathSpecString, E resource) diff --git a/jetty-http/src/test/java/org/eclipse/jetty/http/pathmap/PathMappingsTest.java b/jetty-http/src/test/java/org/eclipse/jetty/http/pathmap/PathMappingsTest.java index 11d0568572c..00b5da8e920 100644 --- a/jetty-http/src/test/java/org/eclipse/jetty/http/pathmap/PathMappingsTest.java +++ b/jetty-http/src/test/java/org/eclipse/jetty/http/pathmap/PathMappingsTest.java @@ -20,6 +20,7 @@ import org.junit.jupiter.params.provider.ValueSource; import static org.hamcrest.CoreMatchers.equalTo; import static org.hamcrest.CoreMatchers.is; import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.instanceOf; import static org.hamcrest.Matchers.notNullValue; import static org.hamcrest.Matchers.nullValue; import static org.junit.jupiter.api.Assertions.assertEquals; @@ -456,4 +457,18 @@ public class PathMappingsTest assertThat(p.remove(new ServletPathSpec("/a/b/c")), is(true)); assertThat(p.remove(new ServletPathSpec("/a/b/c")), is(false)); } + + @Test + public void testAsPathSpec() + { + assertThat(PathMappings.asPathSpec(""), instanceOf(ServletPathSpec.class)); + assertThat(PathMappings.asPathSpec("/"), instanceOf(ServletPathSpec.class)); + assertThat(PathMappings.asPathSpec("/*"), instanceOf(ServletPathSpec.class)); + assertThat(PathMappings.asPathSpec("/foo/*"), instanceOf(ServletPathSpec.class)); + assertThat(PathMappings.asPathSpec("*.jsp"), instanceOf(ServletPathSpec.class)); + + assertThat(PathMappings.asPathSpec("^$"), instanceOf(RegexPathSpec.class)); + assertThat(PathMappings.asPathSpec("^.*"), instanceOf(RegexPathSpec.class)); + assertThat(PathMappings.asPathSpec("^/"), instanceOf(RegexPathSpec.class)); + } } diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java index c395880b8ab..34c0d7fee7a 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/ConstraintSecurityHandler.java @@ -35,6 +35,7 @@ import javax.servlet.annotation.ServletSecurity.TransportGuarantee; import org.eclipse.jetty.http.HttpStatus; import org.eclipse.jetty.http.pathmap.MappedResource; import org.eclipse.jetty.http.pathmap.PathMappings; +import org.eclipse.jetty.http.pathmap.PathSpec; import org.eclipse.jetty.server.HttpConfiguration; import org.eclipse.jetty.server.Request; import org.eclipse.jetty.server.Response; @@ -422,7 +423,7 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr */ protected void processConstraintMapping(ConstraintMapping mapping) { - Map mappings = _constraintRoles.get(PathMappings.asPathSpec(mapping.getPathSpec())); + Map mappings = _constraintRoles.get(asPathSpec(mapping)); if (mappings == null) { mappings = new HashMap<>(); @@ -467,6 +468,13 @@ public class ConstraintSecurityHandler extends SecurityHandler implements Constr } } + protected PathSpec asPathSpec(ConstraintMapping mapping) + { + // As currently written, this allows regex patterns to be used. + // This may not be supported by default in future releases. + return PathMappings.asPathSpec(mapping.getPathSpec()); + } + /** * Constraints that name method omissions are dealt with differently. * We create an entry in the mappings with key "<method>.omission". This entry diff --git a/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java b/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java index 72b5404fe4e..3d802d77a1d 100644 --- a/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java +++ b/jetty-security/src/test/java/org/eclipse/jetty/security/ConstraintTest.java @@ -1869,6 +1869,44 @@ public class ConstraintTest assertThat(response, startsWith("HTTP/1.1 403 ")); } + @Test + public void testDefaultConstraint() throws Exception + { + _security.setAuthenticator(new BasicAuthenticator()); + + ConstraintMapping forbidDefault = new ConstraintMapping(); + forbidDefault.setPathSpec("/"); + forbidDefault.setConstraint(_forbidConstraint); + _security.addConstraintMapping(forbidDefault); + + ConstraintMapping allowRoot = new ConstraintMapping(); + allowRoot.setPathSpec(""); + allowRoot.setConstraint(_relaxConstraint); + _security.addConstraintMapping(allowRoot); + + _server.start(); + String response; + + response = _connector.getResponse("GET /ctx/ HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 200 OK")); + + response = _connector.getResponse("GET /ctx/anything HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 403 Forbidden")); + + response = _connector.getResponse("GET /ctx/noauth/info HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 403 Forbidden")); + + response = _connector.getResponse("GET /ctx/forbid/info HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 403 Forbidden")); + + response = _connector.getResponse("GET /ctx/auth/info HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 401 Unauthorized")); + assertThat(response, containsString("WWW-Authenticate: basic realm=\"TestRealm\"")); + + response = _connector.getResponse("GET /ctx/admin/relax/info HTTP/1.0\r\n\r\n"); + assertThat(response, startsWith("HTTP/1.1 200 OK")); + } + private static String authBase64(String authorization) { byte[] raw = authorization.getBytes(ISO_8859_1); From 0604d8db6b94e484ad4e7b55f64e44386d687e39 Mon Sep 17 00:00:00 2001 From: Lai Jiang Date: Wed, 27 Apr 2022 10:18:37 -0400 Subject: [PATCH 5/6] Fix an error (#7924) --- .../src/main/asciidoc/operations-guide/begin/deploy.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/documentation/jetty-documentation/src/main/asciidoc/operations-guide/begin/deploy.adoc b/documentation/jetty-documentation/src/main/asciidoc/operations-guide/begin/deploy.adoc index ed20e96c220..f622c9fe55c 100644 --- a/documentation/jetty-documentation/src/main/asciidoc/operations-guide/begin/deploy.adoc +++ b/documentation/jetty-documentation/src/main/asciidoc/operations-guide/begin/deploy.adoc @@ -42,7 +42,7 @@ mywebapp.war <1> Publicly accessible resources such as `+*.html+`, `+*.jsp+`, `+*.css+`, `+*.js+` files, etc. are placed in `+*.war+` or in sub-directories of the `+*.war+`. <2> `WEB-INF` is a special directory used to store anything related to the web application that must not be publicly accessible, but may be accessed by other resources. <3> `WEB-INF/classes` stores the web application compiled `+*.class+` files -<4> `WEB-INF/classes` stores the web application `+*.jar+` files +<4> `WEB-INF/lib` stores the web application `+*.jar+` files <5> `WEB-INF/web.xml` is the web application deployment descriptor defines the components and the configuration of your web application. ==== From 1369693a99e3d9cb97988ec99399945792610570 Mon Sep 17 00:00:00 2001 From: Padraic Renaghan Date: Wed, 27 Apr 2022 18:40:07 -0400 Subject: [PATCH 6/6] Fix #7929 requestlog format string commented default Signed-off-by: Padraic Renaghan --- jetty-server/src/main/config/modules/requestlog.mod | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jetty-server/src/main/config/modules/requestlog.mod b/jetty-server/src/main/config/modules/requestlog.mod index 8c2848360f9..220c0033a57 100644 --- a/jetty-server/src/main/config/modules/requestlog.mod +++ b/jetty-server/src/main/config/modules/requestlog.mod @@ -19,7 +19,7 @@ logs/ [ini-template] # tag::documentation[] ## Request log line format string. -# jetty.requestlog.formatString=%a - %u %{dd/MMM/yyyy:HH:mm:ss ZZZ|GMT}t "%r" %s %B "%{Referer}i" "%{User-Agent}i" "%C" +#jetty.requestlog.formatString=%{client}a - %u %{dd/MMM/yyyy:HH:mm:ss ZZZ|GMT}t "%r" %s %O "%{Referer}i" "%{User-Agent}i" ## The logging directory (relative to $JETTY_BASE). # jetty.requestlog.dir=logs